From 39a3e0dea318a0b74faf8e3af035035e9dc89fc9 Mon Sep 17 00:00:00 2001 From: Uwe Steinmann Date: Thu, 7 May 2020 14:03:00 +0200 Subject: [PATCH] obey maxUploadSize whenever a file is uploaded --- CHANGELOG | 1 + inc/inc.ClassUI.php | 4 ++-- op/op.AddDocument.php | 4 ++++ op/op.AddFile.php | 4 ++++ op/op.UpdateDocument.php | 5 +++++ out/out.AddDocument.php | 1 - views/bootstrap/class.AddDocument.php | 7 ++++++- views/bootstrap/class.AddFile.php | 18 ++++++++---------- views/bootstrap/class.UpdateDocument.php | 6 ++++++ views/bootstrap/class.ViewFolder.php | 7 ++++++- 10 files changed, 42 insertions(+), 15 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index d4f390c26..80c037d7e 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -2,6 +2,7 @@ Changes in version 5.1.17 -------------------------------------------------------------------------------- - new version 5.16.2 of fine uploader +- obey max_upload_size whenever a file is uploaded -------------------------------------------------------------------------------- Changes in version 5.1.16 diff --git a/inc/inc.ClassUI.php b/inc/inc.ClassUI.php index 00422e869..9abad35cf 100644 --- a/inc/inc.ClassUI.php +++ b/inc/inc.ClassUI.php @@ -134,8 +134,8 @@ class UI extends UI_Default { $view->setParam('dropfolderdir', $settings->_dropFolderDir); $view->setParam('enablesessionlist', $settings->_enableSessionList); $view->setParam('workflowmode', $settings->_workflowMode); - $view->setParam('partitionsize', (int) $settings->_partitionSize); - $view->setParam('maxuploadsize', (int) $settings->_maxUploadSize); + $view->setParam('partitionsize', SeedDMS_Core_File::parse_filesize( $settings->_partitionSize)); + $view->setParam('maxuploadsize', SeedDMS_Core_File::parse_filesize($settings->_maxUploadSize)); $view->setParam('showmissingtranslations', $settings->_showMissingTranslations); $view->setParam('defaultsearchmethod', $settings->_defaultSearchMethod); $view->setParam('cachedir', $settings->_cacheDir); diff --git a/op/op.AddDocument.php b/op/op.AddDocument.php index 4c55beb66..56792736f 100644 --- a/op/op.AddDocument.php +++ b/op/op.AddDocument.php @@ -331,10 +331,14 @@ if(!empty($_POST['notification_groups'])) { } /* Check files for Errors first */ +$maxuploadsize = SeedDMS_Core_File::parse_filesize($settings->_maxUploadSize); for ($file_num=0;$file_num $folder->getName())),getMLText("uploading_zerosize")); } + if ($maxuploadsize && $_FILES["userfile"]["size"][$file_num] > $maxuploadsize) { + UI::exitError(getMLText("folder_title", array("foldername" => $folder->getName())),getMLText("uploading_maxsize")); + } if (/* is_uploaded_file($_FILES["userfile"]["tmp_name"][$file_num]) && */$_FILES['userfile']['error'][$file_num]!=0){ UI::exitError(getMLText("folder_title", array("foldername" => $folder->getName())),getMLText("uploading_failed")); } diff --git a/op/op.AddFile.php b/op/op.AddFile.php index 8b3a8022a..3eb2d566f 100644 --- a/op/op.AddFile.php +++ b/op/op.AddFile.php @@ -62,10 +62,14 @@ if(isset($_POST[$prefix.'-fine-uploader-uuids']) && $_POST[$prefix.'-fine-upload } } +$maxuploadsize = SeedDMS_Core_File::parse_filesize($settings->_maxUploadSize); for ($file_num=0;$file_num $document->getName())),getMLText("uploading_zerosize")); } + if ($maxuploadsize && $_FILES["userfile"]["size"][$file_num] > $maxuploadsize) { + UI::exitError(getMLText("folder_title", array("documentname" => $document->getName())),getMLText("uploading_maxsize")); + } if (is_uploaded_file($_FILES["userfile"]["tmp_name"][$file_num]) && $_FILES['userfile']['error'][$file_num] != 0){ UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("uploading_failed")); } diff --git a/op/op.UpdateDocument.php b/op/op.UpdateDocument.php index c8fa1759b..c39d1d5ca 100644 --- a/op/op.UpdateDocument.php +++ b/op/op.UpdateDocument.php @@ -91,6 +91,11 @@ if (isset($_FILES['userfile']) && $_FILES['userfile']['error'] == 0) { if($_FILES["userfile"]["size"] == 0) UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("uploading_zerosize")); + $maxuploadsize = SeedDMS_Core_File::parse_filesize($settings->_maxUploadSize); + if ($maxuploadsize && $_FILES["userfile"]["size"] > $maxuploadsize) { + UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("uploading_maxsize")); + } + $userfiletmp = $_FILES["userfile"]["tmp_name"]; $userfiletype = $_FILES["userfile"]["type"]; $userfilename = $_FILES["userfile"]["name"]; diff --git a/out/out.AddDocument.php b/out/out.AddDocument.php index 3b7f25407..cfefbf0c1 100644 --- a/out/out.AddDocument.php +++ b/out/out.AddDocument.php @@ -68,7 +68,6 @@ if($view) { $view->setParam('presetexpiration', $settings->_presetExpirationDate); $view->setParam('sortusersinlist', $settings->_sortUsersInList); $view->setParam('defaultposition', $settings->_defaultDocPosition); - $view->setParam('maxuploadsize', $settings->_maxUploadSize); $view->setParam('orderby', $settings->_sortFoldersDefault); $view($_GET); exit; diff --git a/views/bootstrap/class.AddDocument.php b/views/bootstrap/class.AddDocument.php index 57162b071..422f1fbb2 100644 --- a/views/bootstrap/class.AddDocument.php +++ b/views/bootstrap/class.AddDocument.php @@ -150,6 +150,7 @@ $(document).ready(function() { $folder = $this->params['folder']; $enablelargefileupload = $this->params['enablelargefileupload']; $enablemultiupload = $this->params['enablemultiupload']; + $maxuploadsize = $this->params['maxuploadsize']; $enableadminrevapp = $this->params['enableadminrevapp']; $enableownerrevapp = $this->params['enableownerrevapp']; $enableselfrevapp = $this->params['enableselfrevapp']; @@ -174,7 +175,11 @@ $(document).ready(function() { $this->contentStart(); $this->pageNavigation($this->getFolderPathHTML($folder, true), "view_folder", $folder); - $msg = getMLText("max_upload_size").": ".ini_get( "upload_max_filesize"); + $mus2 = SeedDMS_Core_File::parse_filesize(ini_get("upload_max_filesize")); + if($maxuploadsize && $maxuploadsize < $mus2) + $msg = getMLText("max_upload_size").": ".SeedDMS_Core_File::format_filesize($maxuploadsize); + else + $msg = getMLText("max_upload_size").": ".SeedDMS_Core_File::format_filesize($mus2); $this->warningMsg($msg); $this->contentHeading(getMLText("add_document")); diff --git a/views/bootstrap/class.AddFile.php b/views/bootstrap/class.AddFile.php index 8797bdbf4..114c2aa7b 100644 --- a/views/bootstrap/class.AddFile.php +++ b/views/bootstrap/class.AddFile.php @@ -126,6 +126,7 @@ $(document).ready( function() { $document = $this->params['document']; $strictformcheck = $this->params['strictformcheck']; $enablelargefileupload = $this->params['enablelargefileupload']; + $maxuploadsize = $this->params['maxuploadsize']; $this->htmlAddHeader(''."\n", 'js'); if($enablelargefileupload) { @@ -139,16 +140,13 @@ $(document).ready( function() { $this->pageNavigation($this->getFolderPathHTML($folder, true, $document), "view_document", $document); $this->contentHeading(getMLText("linked_files")); -?> -
- -'.getMLText('link_alt_updatedocument').'

', "out.AddFile2.php?documentid=".$document->getId()); - } -?> -
-warningMsg($msg); + $this->contentContainerStart(); ?> diff --git a/views/bootstrap/class.UpdateDocument.php b/views/bootstrap/class.UpdateDocument.php index b1c4b0815..eb85944b2 100644 --- a/views/bootstrap/class.UpdateDocument.php +++ b/views/bootstrap/class.UpdateDocument.php @@ -209,6 +209,12 @@ console.log(element); } else { $msg = getMLText("max_upload_size").": ".ini_get( "upload_max_filesize"); } + $mus2 = SeedDMS_Core_File::parse_filesize(ini_get("upload_max_filesize")); + if($maxuploadsize && $maxuploadsize < $mus2) + $msg = getMLText("max_upload_size").": ".SeedDMS_Core_File::format_filesize($maxuploadsize); + else + $msg = getMLText("max_upload_size").": ".SeedDMS_Core_File::format_filesize($mus2); + if(0 && $enablelargefileupload) { $msg .= "

".sprintf(getMLText('link_alt_updatedocument'), "out.AddMultiDocument.php?folderid=".$folder->getID()."&showtree=".showtree())."

"; } diff --git a/views/bootstrap/class.ViewFolder.php b/views/bootstrap/class.ViewFolder.php index 2585bd4cf..2e02df064 100644 --- a/views/bootstrap/class.ViewFolder.php +++ b/views/bootstrap/class.ViewFolder.php @@ -109,6 +109,7 @@ class SeedDMS_View_ViewFolder extends SeedDMS_Bootstrap_Style { $expandFolderTree = $this->params['expandFolderTree']; $enableDropUpload = $this->params['enableDropUpload']; $maxItemsPerPage = $this->params['maxItemsPerPage']; + $maxuploadsize = $this->params['maxuploadsize']; $showtree = $this->params['showtree']; $onepage = $this->params['onepage']; $sitename = trim(strip_tags($this->params['sitename'])); @@ -214,7 +215,11 @@ $('body').on('click', '.order-btn', function(ev) { echo "SeedDMSUpload.setUrl('../op/op.Ajax.php');"; echo "SeedDMSUpload.setAbortBtnLabel('".getMLText("cancel")."');"; echo "SeedDMSUpload.setEditBtnLabel('".getMLText("edit_document_props")."');"; - echo "SeedDMSUpload.setMaxFileSize(".SeedDMS_Core_File::parse_filesize(ini_get("upload_max_filesize")).");"; + $mus2 = SeedDMS_Core_File::parse_filesize(ini_get("upload_max_filesize")); + if($maxuploadsize && $maxuploadsize < $mus2) + echo "SeedDMSUpload.setMaxFileSize($maxuploadsize);"; + else + echo "SeedDMSUpload.setMaxFileSize($mus2);"; echo "SeedDMSUpload.setMaxFileSizeMsg('".getMLText("uploading_maxsize")."');"; }